Compaq Insight Manager Xe 7.0 SQL Service improper authentication
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 9.7 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Compaq Insight Manager Xe 7.0. It has been classified as critical. Impacted is an unknown function of the component SQL Service. The manipulation leads to improper authentication. This vulnerability is referenced as CVE-2000-1209. Remote exploitation of the attack is possible. Furthermore, an exploit is available. It is recommended to add further authentication.
Details
A vulnerability was found in Compaq Insight Manager Xe 7.0. It has been rated as very critical. This issue affects an unknown code block of the component SQL Service. The manipulation with an unknown input leads to a improper authentication vulnerability. Using CWE to declare the problem leads to CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
The bug was discovered 01/15/2004. The weakness was published 01/15/2004 as confirmed advisory (CERT.org). The advisory is shared at kb.cert.org. The identification of this vulnerability is CVE-2000-1209. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are unknown but a public exploit is available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 10/11/2025).
After immediately, there has been an exploit disclosed. The exploit is available at exploit-db.com. It is declared as highly functional. The vulnerability scanner Nessus provides a plugin with the ID 10673 (Microsoft SQL Server sa Account Default Blank Password), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Databases and running in the context r. The commercial vulnerability scanner Qualys is able to test this issue with plugin 19001 (Microsoft SQL Weak Database Password).
It is possible to mitigate the problem by adding an authentication mechanism. Attack attempts may be identified with Snort ID 688. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 1397.
The vulnerability is also documented in the databases at X-Force (9154), Exploit-DB (16395), Tenable (10673), SecurityFocus (BID 4797†) and OSVDB (3570†). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 10.0VulDB Meta Temp Score: 9.7
VulDB Base Score: 10.0
VulDB Temp Score: 9.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Improper authenticationCWE: CWE-287
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 10673
Nessus Name: Microsoft SQL Server sa Account Default Blank Password
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 10673
OpenVAS Name: Microsofts SQL Blank Password
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
MetaSploit ID: mssql_payload.rb
MetaSploit Name: Microsoft SQL Server Payload Execution
MetaSploit File: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: AuthenticationStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Snort ID: 688
Snort Message: SQL sa login failed
Snort Class: 🔍
Suricata ID: 2100680
Suricata Class: 🔍
Suricata Message: 🔍
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
SourceFire IPS: 🔍
ISS Proventia IPS: 🔍
PaloAlto IPS: 🔍
Timeline
05/25/2001 🔍05/22/2002 🔍
08/12/2002 🔍
08/12/2002 🔍
12/08/2002 🔍
01/15/2004 🔍
01/15/2004 🔍
01/15/2004 🔍
01/19/2004 🔍
07/22/2014 🔍
10/11/2025 🔍
Sources
Advisory: kb.cert.orgStatus: Confirmed
Confirmation: 🔍
CVE: CVE-2000-1209 (🔍)
GCVE (CVE): GCVE-0-2000-1209
GCVE (VulDB): GCVE-100-18485
CERT: 🔍
X-Force: 9154
SecurityFocus: 4797 - Microsoft MSDE/SQL Server 2000 Desktop Engine Default Configuration Vulnerability
OSVDB: 3570 - Compaq Insight Manager Default Password
Vulnerability Center: 301 - Multiple Products with \, Critical
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 07/22/2014 20:34Updated: 10/11/2025 16:23
Changes: 07/22/2014 20:34 (83), 05/06/2019 09:14 (8), 12/27/2024 01:41 (16), 04/23/2025 05:08 (2), 05/31/2025 20:22 (3), 10/11/2025 16:23 (2)
Complete: 🔍
Cache ID: 216:F1C:103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.